AWS Cloud Essentials Guide

AWS Cloud Essentials

AWS Cloud as a computing platform supports companies large and small the world over. This guide introduces you to the Essentials of AWS Cloud services.

I want to give you an intro to AWS Cloud computing through this guide. I want you to understand why raising your AWS proficiency means the time you invest will pay you back many times over.

Why you should pick AWS Cloud over the Alternatives

The cloud is the cloud is the cloud, right?
From an outside perspective all cloud providers may seem similar.
How could one service have any clear advantage over another?

In a nutshell the advantages to AWS Cloud are:

More cloud-based solutions live on AWS than any other – it is a proven solution

Amazon uses the platform itself – they eat their own dog food

Engineers have flocked to AWS to learn – there is a large talent pool to help

AWS is constantly growing – new services to better serve your business are on the way

Choosing AWS Cloud services – given the low cost and stable infrastructure – is one of the most strategic moves you can make for the technology in your business today.

How can I be sure?

I have made the switch to AWS Cloud, both in my own business and for my clients. In all cases the cost of operations has shrunk, reliability has increased, no additional administrative staff have been added, and the ability to integrate with other AWS services became simple.

My business and those of my clients can invest the money we would have spent on higher technology costs on opportunities to expand our businesses and grow our revenue. We do not have to lose sleep at night worrying that a server or piece of network gear might be on its last legs and ready to fail at any moment. If I want to make use of a new service AWS offers or a service new to my business, implementing it is not going to require jumping through multiple flaming hoops while keeping plates spinning.

AWS Cloud is one of the best cures for heartburn over technology worries I have found for my business and one I wholeheartedly recommend to my clients.

Still not convinced?

Here is something to think about.

There are huge companies running on AWS Cloud: companies like Netflix, which face extreme pressure to deliver on-demand entertainment the world over without interruption or downtime. Netflix runs on AWS.

Companies like GE, McDonald's, Harvard Medical School, Kellogg’s, NASA, and Yelp all rely on AWS Cloud to deliver infrastructure and computing services. A pretty impressive list of alumni, to say the least.

This does not even scratch the surface. There are tens of thousands of smaller companies depending on AWS for services; everything from virtual desktop computers, to offsite backup, to website hosting, and more. All of which are available on demand. No waiting on hardware to be delivered and installed. Simply select the service you want and fire it right up.

Better yet, the initial investment barrier is removed. AWS services are “Pay as you go”. You do not have to invest in a data center, networking, servers, and workstations. All that is complete and priced into the services that you use.

AWS is light switch technology. No worrying about all the miles of wiring or the power plants that make delivering electricity possible. Simply turn it on and it works.

But SOME knowledge is required!

You cannot just dive headfirst into the deep end of AWS and expect not to drown. You must know the basic strokes that let you swim safely. This article teaches you the essential techniques you need to swim in the AWS Cloud ocean.

You must reach a level of understanding and comfort with AWS before you can be confident that what you build for your company will do what you need it to do in an efficient and secure way.

In this guide I have one goal in mind: helping you get proficient with AWS basics so you have the skills needed to launch your own infrastructure and systems with AWS.

This guide covers the essential services of AWS cloud and how they can work for you in your infrastructure. I explain what a service is, what it does, and how it fits into a sound technology strategy. By the end of this guide you’ll be familiar with the foundation of AWS Cloud and ready to move on to more advanced topics.

AWS Cloud Services Covered

Identity and Access Management – IAM Security

AWS Elastic Compute Cloud – EC2

Route 53 Domain Name Server Management

Virtual Private Cloud – VPC

Simple Storage System – S3

Relational Database System – RDS

Elastic File System – EFS

AWS IAM – Identity and Access Management

IAM – Identity and Access Management

IAM grants you fine-grained control over Identities (users, groups) and Access (create, read, update, delete permissions). You use IAM to create identities connected to actual users or service accounts. Then, using IAM security policies, you manage access for these identities.

You may grant identities console access, API access or both.

Console Access

Console access allows a user to connect to the web management console to interact with AWS services. Identities with Console Access have a username and password assigned to allow them to log into the web management console.

In addition, Multi-Factor Authentication (MFA) adds an optional layer of security for identities with console access. When enabled, MFA prompts for an additional factor of authentication, such as Google Authenticator, before allowing access to the management console.

API Access

API access allows an identity to interact with AWS through either the AWS Command Line Interface (CLI) or through the AWS Software Development Kit (SDK). Identities with API access require Access Keys to utilize AWS services.

Access keys consist of an Access Key ID and a Secret Access Key. The Secret Access Key can only be viewed and downloaded at the time it is created. It is not possible to recover it in the future.

This steps you through the process of entering or updating your default values, including your Access Key ID and your Secret Access Key.

To use API access through the SDK you supply the Access Key ID and Secret Access Key values in application code.

AWS Security Policies

Security policies allow you to restrict the capabilities of identities to only desired features. This allows strict control over access to and changes of AWS data and resources.

Every aspect of an AWS service falls under the governance of a security policy. When possible, utilize existing security policies developed by Amazon instead of creating your own.

To use a security policy, attach it to a user or group identity.

Group Identities

AWS IAM group identities allow you to add users to groups to grant them access to functionality while their responsibilities require that access. If you ever need to remove a user’s access without deleting the user altogether, you simply remove them from the group.

Additionally, if you ever need to add or take away access permissions for the group you can simply edit the security policy attached to the group. All group members immediately receive the permissions update.

IAM Summary

AWS enables you to administer security for your AWS infrastructure through sophisticated but easy-to-use Identity and Access Management tools. It provides extremely fine-grained control while offering predefined templates to simplify common tasks.

IAM will play a significant role in all of your AWS solutions. Make sure you have a solid understanding of it and how to use it before moving much further into your use of AWS Cloud.

Want More?

This guide has introduced you to the essential technologies and concepts of AWS Cloud. If you would like to go deeper with hands-on lessons, I’ve made that possible via my “AWS Essentials Workbook”. It covers seven essential services of AWS that take you from novice to adept via the shortest path possible.

It teaches you how to make use of the technologies covered here through an infrastructure project. In the workbook you build out your own WordPress web server farm making use of all of the AWS cloud technologies discussed above.

This Post Has 2 Comments

Hi Nat,
Would you be interested in publishing a Table of Contents for your ebook?
I used to use AWS some years ago and am looking for a refresher. I launched a small instance of Nextcloud using a community AMI instance, but wasn’t able to SSH or browse to it even though the security group was public, allow all incoming, allow all outgoing. I downloaded the .pem file, used ubuntu for root user, since I’m running an Ubuntu 18.04 instance. I also added an elastic public address and associated it with my live instance.
I’ll probably go back to something more vanilla just to connect the dots.